Bump the dependabot group across 1 directory with 5 updates#166
Closed
dependabot[bot] wants to merge 1 commit intomainfrom
Closed
Bump the dependabot group across 1 directory with 5 updates#166dependabot[bot] wants to merge 1 commit intomainfrom
dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps the dependabot group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [importlib-metadata](https://github.com/python/importlib_metadata) | `8.6.1` | `8.7.0` | | [pip](https://github.com/pypa/pip) | `25.0.1` | `25.1.1` | | [setuptools](https://github.com/pypa/setuptools) | `79.0.0` | `80.3.1` | | [certifi](https://github.com/certifi/python-certifi) | `2025.1.31` | `2025.4.26` | | [termcolor](https://github.com/termcolor/termcolor) | `3.0.1` | `3.1.0` | Updates `importlib-metadata` from 8.6.1 to 8.7.0 - [Release notes](https://github.com/python/importlib_metadata/releases) - [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst) - [Commits](python/importlib_metadata@v8.6.1...v8.7.0) Updates `pip` from 25.0.1 to 25.1.1 - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](pypa/pip@25.0.1...25.1.1) Updates `setuptools` from 79.0.0 to 80.3.1 - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst) - [Commits](pypa/setuptools@v79.0.0...v80.3.1) Updates `certifi` from 2025.1.31 to 2025.4.26 - [Commits](certifi/python-certifi@2025.01.31...2025.04.26) Updates `termcolor` from 3.0.1 to 3.1.0 - [Release notes](https://github.com/termcolor/termcolor/releases) - [Changelog](https://github.com/termcolor/termcolor/blob/main/CHANGES.md) - [Commits](termcolor/termcolor@3.0.1...3.1.0) --- updated-dependencies: - dependency-name: importlib-metadata dependency-version: 8.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot - dependency-name: pip dependency-version: 25.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot - dependency-name: setuptools dependency-version: 80.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependabot - dependency-name: certifi dependency-version: 2025.4.26 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot - dependency-name: termcolor dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
kralka
approved these changes
May 5, 2025
Pull Request Test Coverage Report for Build 14831484119Details
💛 - Coveralls |
Contributor
Author
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the dependabot group with 5 updates in the / directory:
8.6.18.7.025.0.125.1.179.0.080.3.12025.1.312025.4.263.0.13.1.0Updates
importlib-metadatafrom 8.6.1 to 8.7.0Changelog
Sourced from importlib-metadata's changelog.
Commits
708dff4Finalizeb3065f0Merge pull request #519 from python/bugfix/493-metadata-missinge4351c2Add a new test capturing the new expectation.5a65705Refactor the casting into a wrapper for brevity and to document its purpose.0830c39Add news fragment.22bb567Fix type errors where metadata could be None.57f31d7Allow metadata to return None when there is no metadata present.b9c4be4Merge pull request #518 from python/bugfix/488-bad-ep-value9f8af01Prefer a cached property, as the property is likely to be retrieved at least ...f179e28Also raise ValueError on construction if the value is invalid.Updates
pipfrom 25.0.1 to 25.1.1Changelog
Sourced from pip's changelog.
... (truncated)
Commits
01857efBump for release08d8bb9Merge pull request #13374 from pfmoore/fixups2bff84eMerge pull request #13363 from sbidoul/fix-source_dir-assert644e71dNews file fixups426856fMerge pull request #13364 from ichard26/bugfix/python39b7e3aeaMerge pull request #13356 from eli-schwartz/tomllib8c678feMerge pull request #13373 from sirosen/update-vendored-dependency-groups7d00639Update newsfiles for dependency-groups patch6d28bbfUpdate version ofdependency-groupsto v1.3.194bd66dRevert StreamWrapper removal to restore Python 3.9.{0,6} compatUpdates
setuptoolsfrom 79.0.0 to 80.3.1Changelog
Sourced from setuptools's changelog.
... (truncated)
Commits
f37845bBump version: 80.3.0 → 80.3.1a6f8db0Merge pull request #4980 from pypa/debt/4976-pbr-compat05cf544Add news fragment.5b39e4eAdd the deprecation warning to attribute access.30c0038Render the attributes dynamically.d622935Restore ScriptWriter and sys_executable properties.88bd892Add a failing integration test. Ref #49769dccfa4Moved pbr setup into a fixture.af8b322Bump version: 80.2.0 → 80.3.0e7b8084Merge pull request #4963 from pypa/debt/remove-easy-installUpdates
certififrom 2025.1.31 to 2025.4.26Commits
275c9eb2025.04.26 (#347)3788331Bump actions/setup-python from 5.4.0 to 5.5.0 (#346)9d1f1b7Bump actions/download-artifact from 4.1.9 to 4.2.1 (#344)96b97a5Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#343)c054ed3Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (#342)44547fcBump actions/download-artifact from 4.1.8 to 4.1.9 (#341)5ea5124Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#340)2f142b7Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (#339)80d2ebdBump actions/setup-python from 5.3.0 to 5.4.0 (#337)Updates
termcolorfrom 3.0.1 to 3.1.0Release notes
Sourced from termcolor's releases.
Commits
1e0ae11Test free-threaded Python 3.13t and 3.14t (#111)9e3f5bbTest free-threaded Python 3.13t and 3.14t52bf721Add mutation testing (#109)968cfa5Add tests for cprint kwargs6048bd5Add mutation testingfd08149Test code branches (#108)b32a006Test code branches60815d2Cache system lookups to save invocation time (#107)7e1e892Complete coverage via added tests (#106)e516dd5Cache system lookups to save invocation timeDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions